What’s New for Organizational Accounts in Visual Studio 2013 RC

This release contains some improvements to the organizational accounts support we (==Active Directory and ASP.NET teams) collaborated on. Here there’s an unofficial (and likely incomplete) list of the main news in that area.

Yes, It Ships In the Box! ♫

Remember? With the Preview you had to download an additional update to get the Organizational features. With the RC, you get all of it in the main setup.

More Control, Less Clutter

The Organizational Accounts portion of the new authentication section in the ASP.NET project creation dialog got a bit clearer, while at the same time offering more features.

For example, here there’s the dialog we had in the Preview for single org/MVC apps:

And here there’s its counterpart in the RC. Please ignore the differences in the windows’ chrome, the one above is from a Windows 8.1 box and the one below from a Windows 7 one.

Pretty neat! You might notice that the Application ID URI (the Realm, for old timers) is gone, but in fact it is not really gone. Simply, it has been moved to the collapsible region handled by the More Options control. Given that in the majority of cases you are going to accept the default anyway, there’s not much point to crowd the UI with it! This is an item I always cared disproportionally for, from the very UI mockup (good times with my friend Saurabh Pant ) and I am super glad to see it shipping.

Organizational Accounts Authentication Available for Web API

With the RC you can finally create a Web API project secured by Windows Azure AD right from the start! The experience is in line with what you get for Web UX app types (webforms, MVC) with the notable absence of the return URL (which would make no sense here).

Just fill in the domain of your tenant…

…authenticate with the brand new ADAL authentication dialog…

and voila’! You get a Web API project fully configured with the latest Katana middleware for validating Windows Azure AD tokens (see here for a deeeep dive).

What? You don’t believe that the tool actually created the entry for the Web API? I guess you’ll have to see for yourself, then. Here I am navigating to manage.windowsazure.com/mytenant->Active Directory->Applications. As you can see, the entry is there!

Note: the project template only takes care of the Web API side, you’ll have to put together a client by hand as shown here.

Structural Changes in the Templates

I don’t want to go too much in the details here. The main news I’d point out is about where apps cache validation coordinates. Project templates now rely on custom implementations of IssuerNameRegistry, which in turn save information about signing keys and issues in a proper database:

Vittorio who?

Vittorio Bertocci is a developer, speaker, published author, avid reader, troublemaker, foodie, Italian expat, and other things that would not be wise to mention here.
This is Vittorio's personal blog. The views and opinions expressed here are his, and not those of his employer.